Skip to content
This repository was archived by the owner on Sep 3, 2022. It is now read-only.

Ensure that home directories have the right owner at startup. #2067

Merged
merged 1 commit into from
Aug 23, 2018
Merged

Ensure that home directories have the right owner at startup. #2067

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Ensure that home directories have the right owner at startup. 
Apparently, Container Optimized OS stores the users database in a temp
filesystem, causing it to get lost and recreated every time an
instance is restarted.

Among the many important things recorded in that database is the
mapping from user names (e.g. `datalab`) to user numeric
IDs (e.g. `2000`). By recreating the users database on every restart,
that mapping can change seemingly randomly.

For instance, the `datalab` user can have an ID of `2000` on one boot,
with the `logger` user having an ID of `2001`, and after rebooting the
instance those numbers could be reversed: `datalab` having a user ID
of `2001` and `logger` having a user ID of `2000`.

Since file ownership is defined in terms of user ID, this means that
the owner of files under each home directory can change randomly every
time an instance is rebooted.

That, in turn, causes `datalab connect` calls to fail, as the SSH
tunnel cannot be created if the `datalab` user cannot log in.

This change fixes that problem by making the file ownership of the
`/home/datalab` and `/home/logger` directories stable. That is done by
attempting to assign those two users consistent UIDs, and then forcing
the file ownership to match the corresponding users even if the UID
has changed.

Changing the startup script in the `create.py` file is sufficient to
do this for both regular and gpu-enabled instances, as GPU instances
no longer have their own startup-script extensions. This change
also removes the structure that was previously used for startup-script
extensions in order to make clear the fact that they are no longer
used.

This fixes #2014
  • Loading branch information
@ojarjur
ojarjur committed Aug 23, 2018
commit 1b7789764e747b2aa121e8afd09858725c52da71
20 changes: 13 additions & 7 deletions tools/cli/commands/create.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,11 +59,20 @@

_DATALAB_NOTEBOOKS_REPOSITORY = 'datalab-notebooks'

_DATALAB_BASE_STARTUP_SCRIPT = """#!/bin/bash
_DATALAB_STARTUP_SCRIPT = """#!/bin/bash

# First, make sure the `datalab` user exists with their
# home directory setup correctly.
useradd datalab
# First, make sure the `datalab` and `logger` users exist with their
# home directories setup correctly.
useradd datalab -u 2000 || useradd datalab
useradd logger -u 2001 || useradd logger

# In case the instance has started before, the `/home/datalab` directory
# may already exist, but with the incorrect user ID (since `/etc/passwd`
# is saved in a tmpfs and changes after restarts). To account for that,
# we should force the file ownership under `/home/datalab` to match
# the current UID for the `datalab` user.
chown -R datalab /home/datalab
chown -R logger /home/logger

PERSISTENT_DISK_DEV="/dev/disk/by-id/google-datalab-pd"
MOUNT_DIR="/mnt/disks/datalab-pd"
Expand Down Expand Up @@ -214,9 +223,6 @@
find "${{tmpdir}}/" -mindepth 1 -delete
}}

"""

_DATALAB_STARTUP_SCRIPT = _DATALAB_BASE_STARTUP_SCRIPT + """
download_docker_image
mount_and_prepare_disk
configure_swap
Expand Down